Audit Log - CI/CD Glossary Definition
An audit log is an append-only record of security-relevant events: who did what, when, and from where. In CI/CD it covers workflow changes, secret access, runner registration, and deployment approvals.
Why it matters
Audit logs are the evidence trail for incident response and compliance. After a credential leak or a suspicious deploy, the audit log tells you which identity acted and what changed.
In GitHub
The organization audit log records events like secret creation, self-hosted runner registration, and changes to branch protection, and can be streamed to a SIEM for long-term retention.
Related guides
Structured Logging - CI/CD Glossary DefinitionStructured Logging: Structured logging emits log entries as machine-parseable records (usually JSON) with nam…
Secret Rotation - CI/CD Glossary DefinitionSecret Rotation: Secret rotation is the practice of replacing credentials (tokens, keys, passwords) on a regu…
Least Privilege - CI/CD Glossary DefinitionLeast Privilege: Least privilege is the principle that an identity (user, service, or CI job) should hold onl…